DNSChanger: Removing the virus just got a lot harder
If you didn't act fast enough to the DNSChanger scare, fixing the problem will be a lot more difficult today.
Paul Sakuma/AP
If your PC is one of the possible 500,000 computers worldwide that has been hit by the DNSChanger virus, chances are, you already know it. Because of a move by the FBI today, all infected computers have gone offline. Many reports suggest that the damage today has been minimal. But if your computer still carries the virus, fixing the problem just got a lot harder.
The good news: If you're reading this article, this machine is clearly not affected.
DNSChanger is an computer virus that allowed criminals based in Estonia to redirect your Web browsing. Instead of visiting the website that you wanted, the virus rerouted you through a rogue server that would feed you advertisements. And, if anything happened to these rogue servers, the virus would keep trying to reach them unsuccessfully, effectively knocking your computers offline.
Well, last year, the FBI and Estonian authorities busted the black-hat hacking ring who set up the virus. For the past eight months, the Bureau has arranged for a series of servers to stay online and carry the traffic that would otherwise be downed by cutting off the hackers’ servers. Now, however, those FBI servers have been shut down. You’re on your own.
If one of your PCs is hit by DNSChanger, you'll need to figure out a way to get anti-virus software onto that computer.
First, here are several clean-up programs listed by the DNS Changer Working Group. These programs should remove the virus and related programs, but you'll need to get them onto the infected machine through a USB drive, CD/DVD, or some other way that does not involve the Internet. You can do that on your own, or have a computer professional do it for you.
- Hitman Pro (32bit and 64bit versions)
- Kaspersky Labs TDSSKiller
- McAfee Stinger
- Microsoft Windows Defender Offline
- Microsoft Safety Scanner
- Norton Power Eraser
- Trend Micro Housecall
- MacScan
- Avira
Once your computer is set with a legitimate DNS, you will want to check your router, if you have one, to make sure it is also using the proper address.
As the DNSChanger Working Group cautions, “Changing DNS is only one of the functions of the malware kits. The malware could have been used for capturing keystrokes or acting as a proxy for traffic to sensitive sites like bank accounts or social media.”
You will want to check all of your financial accounts, and other sensitive information sources, to make sure they have not been affected. You will also want to change your passwords.
If you still find that you are not clear of the problems hatched by DNSCharger, experts encourage you to call your Internet service provider for help.